Following my "best linux distro" to run a node, what laptop would you recommend to use said node?

It is well known that somewhere around 2006 or 2008, Intel started putting a chip inside the actual CPU that basically was a backdoor that still works even when you turn the computer off and does God knows what. The point is, I wouldn't call any computer released past that date as safe from spying. I wonder if AMD also suffers from this in modern computers? From what I've heard that is a big yes, which puts it into a huge problem: We are stuck with old hardware, which is very annoying to deal with since syncing the node becomes even slower, and we can't even know if these pre 2006 or 2008 or whenever the ME started, are safe, but I guess it's better than nothing. I assume there are no alternatives to Intel or AMD, so what can we do?

Now, as to how accurate these sources are, I will leave to you. I personally think this could be possible, but pretty unlikely.

It all seems pretty real to me... and there's no conspiracy, there are actual chips there doing weird things while you sleep. Creepy.

Quote

What is AMT?

Intel Active Management Technology (AMT) is hardware and firmware technology for remote out-of-band management of personal computers. It allows someone else to monitor, maintain, update, upgrade, and repair a computer. Out-of-band (OOB) or hardware-based management is different from software-based (or in-band) management and software management agents. Purism Librem computers avoid CPUs that have AMT (or as Intel calls it, vPro enabled), and do not use Intel-based networking, thus disabling this capability at the hardware level. However, this does not change what the ME is capable of, which is why having a freed ME is so important to the Free Software Foundation's Respects Your Freedom certification.

Quote

What is the ME?

The Intel Management Engine (ME) is a separate independent processor core that is actually embedded inside the Multichip Package (MCP) on Intel CPUs. It operates all-by-itself and separate from the main processor, the BIOS, and the Operating system (OS), but it does interact with the BIOS and OS kernel. It is a black box of mystery code at the lowest level, in ring -2, with complete control over every part of the system.

This website claims to have laptops that are free from this... not sure about that:

It comes with Trisquel installed. It's old hardware, because as you said, you simply can't expect any privacy from modern hardware, unfortunately. Another reason to not make nodes more resource consuming.

If you are in the US, you also got this option, which is very similar:

1) Whether you're being spied upon or not, is irrelevant when you're running a node that has no wallet. Data transferred over the Bitcoin network is not encrypted anyways.
2) You should not run a node on a laptop.
3) You can buy a used system that is 5-6 years old, e.g. some Quad Core or an early Intel i5 or i7. Pair that up with a Linux distro and a 1-2 TB HDD. Disable the wallet interface of the node and run it.

Just don't put your "real wallet" on that node and just run it with 0 bitcoin balance.

Just disable it completely, see my point 3.

I want to have my wallet on the full node. It wouldn't be a node that runs 24/7, just 20 minutes a day to keep it synced, in case I need to transact quickly so I don't need to have it opened for hours until it syncs for several days. I think 20 minutes a day connected to the internet in a laptop that's made all of spyware free software and hardware isn't a realistic surface attack, and I would be ready for any forks instead of having to move your stuff from some cold storage device into the wallet (I don't consider anything but paper wallet or air gapped machine as realistic cold storage).

I want to have my wallet on the full node. It wouldn't be a node that runs 24/7, just 20 minutes a day to keep it synced, in case I need to transact quickly so I don't need to have it opened for hours until it syncs for several days.

Any i5 or i7 laptop (gen 3-4 or higher) with an SSD. The major bottleneck in a laptop is going to be IOPS, thus storage. I highly recommend not using a HDD if you want it to be quick at syncing as described.

I think 20 minutes a day connected to the internet in a laptop that's made all of spyware free software and hardware isn't a realistic surface attack, and I would be ready for any forks instead of having to move your stuff from some cold storage device into the wallet (I don't consider anything but paper wallet or air gapped machine as realistic cold storage).

Either you don't have enough funds in that machine to make it worth attacking it by Intel, NSA & co. or you're using Bitcoin wrong (i.e. high amount on an online machine). If you're going to use this for most day-to-day transactions, then investing in "anti-spyware hardware" is a waste of money IMO.

But I don't see the downfall in using hardware that isn't prone to getting spied through ME or proprietary BIOS or other surface attacks. Sure, it is slower since it's older, but it's safer, a core2duo with 8MB ram should do the job.

At the end of the day you are going to need to run your own full node to broadcast your transactions if you really want to use bitcoin as bitcoin and not as something else in between paypal and bitcoin, and if this full node is in a machine that is blinded against all that crap then it's positive.

Sure, ideally I should learn how to sign transactions in an airgapped computer, but I still didn't learn how to do that.

For now, I would use the node as a wallet, and again, 30 minutes-1 hour of daily online exposition in a laptop that would only be used to keep the node updated for that amount of time... the surface attack is very low when you are using one of these laptops.

Eventually I would learn about the airgapped stuff. Putting all my bitcoins in a single paper wallet is dumb and I don't trust these ledgers and trezors.

But I don't see the downfall in using hardware that isn't prone to getting spied through ME or proprietary BIOS or other surface attacks. Sure, it is slower since it's older, but it's safer, a core2duo with 8MB ram should do the job.

You just contradicted yourself. Downfall: 1) Speed if you use very dated hardware. 2) Price if you use new hardware from manufacturers like e.g. Purism. 3) Trust in a 3rd party if you go with manufacturers that allegedly disabled those.

At the end of the day you are going to need to run your own full node to broadcast your transactions if you really want to use bitcoin as bitcoin and not as something else in between paypal and bitcoin

To verify the chain, yes. To broadcast your transactions? Not really. You can broadcast to several services as well as some users' nodes.

You will not need anything else other than these. Even the RAM may be 4 GB or GPU may be SoC one.

We all know the more modern your components are the faster your full node experience will be, but OP is showing concerns in terms of privacy, and if you want to be sure you are safe against ME's bullshit, unfortunately, you have to resort to really old CPUs dating as far back as 2008, because ME has not been fully reverse engineered, and chances are it is impossible to get rid of ME completely. So if you want to be 100% sure of having a computer that's free from these backdoors, you must go the old CPU+Libreboot route, and even if you keep your coins on cold storage, when you relay your transaction into the network your node is still exposed to these backdoors unless you set it in a proper librebooted machine. Coreboot is an option too, but doesn't get rid of the entire thing.

I wouldn't trust this for a second. Qualcomm are direct partners with Microsoft. Deals with NSA are too juicy to bypass anymore. I would need to see someone qualified from the FSF to inspect these chips, and if they list it there then I would give it some legitimacy, which I doubt will happen.

For now an old core2duo with libreboot seems like the only solid alternative to spywarefest. I may try to run a node there for myself and see how it goes. I would only use it to broadcast transactions so I guess it could do the job even if it will be annoying waiting an extra time for the blockchain to be validated but at least you have peace of mind.

Note that we don't really know about AMD's as much but it is reasonable to be concerned about modern AMD's too.
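
An added example, not part of any post in this thread: one way to check whether the Linux kernel on a candidate node machine sees an ME host interface or AMT redirection function is to scan `lspci -nn` output for Intel devices named MEI/HECI or KT/IDER. The sample output and its device IDs are constructed placeholders, and the name patterns are assumptions based on common `lspci` device strings; an empty result does not prove the ME is absent, because firmware can hide the PCI function from the OS.

```python
import re

# Constructed sample of `lspci -nn` output (placeholder names and IDs,
# not captured from a real machine).
SAMPLE_LSPCI = """\
00:00.0 Host bridge [0600]: Intel Corporation Example Host Bridge [8086:0000]
00:16.0 Communication controller [0780]: Intel Corporation Example Chipset MEI Controller #1 [8086:0001] (rev 04)
00:16.3 Serial controller [0700]: Intel Corporation Example Chipset KT Controller [8086:0002]
00:19.0 Ethernet controller [0200]: Intel Corporation Example Gigabit Network Connection [8086:0003]
00:1f.2 SATA controller [0106]: Intel Corporation Example SATA Controller [8086:0004]
"""

# slot, class name, class id, device name, vendor:device
LINE = re.compile(
    r"^(?P<slot>\S+) (?P<cls>.+?) \[(?P<cls_id>[0-9a-f]{4})\]: "
    r"(?P<name>.+) \[(?P<vendor>[0-9a-f]{4}):(?P<device>[0-9a-f]{4})\]"
)
# Host interface the OS uses to talk to the ME (assumed naming).
ME_HOST = re.compile(r"\b(MEI|HECI|Management Engine)\b", re.IGNORECASE)
# AMT serial-over-LAN (KT) and IDE redirection functions (assumed naming).
AMT_REDIR = re.compile(r"\b(KT|IDER|IDE-R)\b")


def find_me_functions(lspci_text):
    """Return [(pci_slot, kind)] for Intel ME/AMT-related PCI functions."""
    findings = []
    for line in lspci_text.splitlines():
        m = LINE.match(line)
        if not m or m["vendor"] != "8086":  # 8086 = Intel's PCI vendor ID
            continue
        if ME_HOST.search(m["name"]):
            findings.append((m["slot"], "me-host-interface"))
        elif AMT_REDIR.search(m["name"]):
            findings.append((m["slot"], "amt-redirection"))
    return findings


if __name__ == "__main__":
    # On a real machine, feed in the output of `lspci -nn` instead.
    for slot, kind in find_me_functions(SAMPLE_LSPCI):
        print(f"{slot}: {kind}")
```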